Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/945f0e-268e-4947-abb3-a9424d948251/1/crBEIFdLGziWgks2si4dhchqp6o.roa
File: crBEIFdLGziWgks2si4dhchqp6o.roa (raw, json)
Hash identifier: GxzvA536G0cl6XPAfA1wzVi3UZpUQPgclrrPuq5ErpA=
Subject key identifier: 72:B0:44:20:57:4B:1B:38:96:82:4B:36:B2:2E:1D:85:C8:6A:A7:AA
Certificate issuer: /CN=f4457fbe10eb2ae6e0f8dc7ea62d70f3316c35db
Certificate serial: 018CC9BBED9601212054DCBAD68FB7AAF932
Authority key identifier: F4:45:7F:BE:10:EB:2A:E6:E0:F8:DC:7E:A6:2D:70:F3:31:6C:35:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9EV_vhDrKubg-Nx-pi1w8zFsNds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/945f0e-268e-4947-abb3-a9424d948251/1/crBEIFdLGziWgks2si4dhchqp6o.roa
Signing time: Tue 02 Jan 2024 10:33:05 +0000
ROA not before: Tue 02 Jan 2024 10:33:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34529
IP address blocks: 109.205.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:ed:96:01:21:20:54:dc:ba:d6:8f:b7:aa:f9:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4457fbe10eb2ae6e0f8dc7ea62d70f3316c35db
Validity
Not Before: Jan 2 10:33:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72b04420574b1b3896824b36b22e1d85c86aa7aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:98:2e:d2:60:d9:11:65:b4:1a:dd:ec:a7:4c:
b9:ba:f8:c5:2e:15:f2:ad:ca:62:fc:d4:86:12:27:
25:4a:b4:e0:15:47:9f:c7:88:0d:51:d9:c0:11:44:
58:3d:3d:da:bd:64:5a:d9:4b:7d:a9:65:52:d5:ee:
54:d7:19:29:b2:d5:34:be:af:a9:96:ac:ab:01:93:
13:53:39:c1:14:7d:eb:84:66:8f:90:48:55:4c:28:
5f:03:5d:3b:75:68:cf:b4:d3:34:59:92:9d:f5:f2:
89:bd:ed:ff:48:69:6d:9b:0e:c9:6a:cc:10:83:48:
9e:20:f5:81:cd:60:09:0c:bb:0f:6d:c2:9c:8d:d1:
2a:64:5c:22:cf:5c:50:1d:27:4d:65:29:6c:f2:a6:
41:9b:f6:e2:48:e0:27:3b:26:2f:48:86:ba:60:3e:
ea:48:cc:2f:f6:6f:5f:28:8d:d7:82:ae:1f:2a:e0:
a0:bc:8f:1a:8e:5f:09:47:a5:f2:bd:eb:a9:ee:64:
ac:bf:f9:76:1e:fc:74:55:2c:61:8b:1e:54:52:97:
96:dd:d1:1d:ac:3d:e6:d7:21:a8:15:e7:bd:99:8e:
2b:de:81:e0:90:d0:d2:54:4c:8b:d5:ea:77:2e:26:
88:b1:26:93:14:74:3e:71:9b:05:3e:0a:af:f1:8e:
27:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:B0:44:20:57:4B:1B:38:96:82:4B:36:B2:2E:1D:85:C8:6A:A7:AA
X509v3 Authority Key Identifier:
keyid:F4:45:7F:BE:10:EB:2A:E6:E0:F8:DC:7E:A6:2D:70:F3:31:6C:35:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9EV_vhDrKubg-Nx-pi1w8zFsNds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/945f0e-268e-4947-abb3-a9424d948251/1/crBEIFdLGziWgks2si4dhchqp6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/945f0e-268e-4947-abb3-a9424d948251/1/9EV_vhDrKubg-Nx-pi1w8zFsNds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.191.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:09:9a:09:29:43:5f:54:a8:46:b0:f2:54:19:99:08:eb:c5:
f8:94:32:2a:d0:85:96:52:75:92:5c:cf:51:84:64:ea:ee:52:
b0:0e:77:74:4e:e2:45:d4:7b:41:f6:9e:ad:8c:d0:8a:63:e4:
f3:1a:5f:ec:ff:11:ab:4c:10:d8:1c:c4:cb:c3:88:55:da:ef:
e0:61:47:56:4d:5c:bb:4d:da:23:68:7b:30:02:7b:e4:0a:e8:
b6:c4:2e:d3:35:c5:f8:7b:5e:25:10:ae:04:27:c2:f9:43:05:
db:c1:14:8a:8f:96:97:dd:d7:db:79:20:0d:55:11:91:92:12:
c7:eb:66:1a:66:66:3b:d3:f0:68:72:c2:7f:7c:e8:ff:9e:53:
d3:87:b9:a0:fe:0c:ba:03:94:df:0a:60:76:e6:9c:51:04:14:
a7:ef:13:6e:8e:1c:17:35:d1:72:98:aa:61:84:02:b3:fa:41:
27:3b:67:f2:33:f2:1c:32:37:67:a0:ad:83:2c:52:80:99:a8:
3f:f9:ec:2b:81:3b:e0:24:ee:37:77:de:2b:4f:9a:b2:b7:d6:
7c:7f:32:96:79:8b:61:55:2b:a0:fa:65:e9:1c:fb:45:9b:ee:
88:f2:be:0c:30:03:fc:4e:ea:a5:38:74:8b:1d:a5:a6:60:b3:
5f:00:8d:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu+2WASEgVNy61o+3qvkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NDU3ZmJlMTBlYjJhZTZlMGY4ZGM3ZWE2MmQ3MGYzMzE2
YzM1ZGIwHhcNMjQwMTAyMTAzMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmIwNDQyMDU3NGIxYjM4OTY4MjRiMzZiMjJlMWQ4NWM4NmFhN2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZgu0mDZEWW0Gt3sp0y5uvjFLhXy
rcpi/NSGEiclSrTgFUefx4gNUdnAEURYPT3avWRa2Ut9qWVS1e5U1xkpstU0vq+p
lqyrAZMTUznBFH3rhGaPkEhVTChfA107dWjPtNM0WZKd9fKJve3/SGltmw7JaswQ
g0ieIPWBzWAJDLsPbcKcjdEqZFwiz1xQHSdNZSls8qZBm/biSOAnOyYvSIa6YD7q
SMwv9m9fKI3Xgq4fKuCgvI8ajl8JR6Xyveup7mSsv/l2Hvx0VSxhix5UUpeW3dEd
rD3m1yGoFee9mY4r3oHgkNDSVEyL1ep3LiaIsSaTFHQ+cZsFPgqv8Y4n+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKwRCBXSxs4loJLNrIuHYXIaqeqMB8GA1UdIwQY
MBaAFPRFf74Q6yrm4PjcfqYtcPMxbDXbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUVWX3ZoRHJLdWJnLU54LXBpMXc4ekZzTmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi85NDVmMGUtMjY4ZS00OTQ3LWFiYjMt
YTk0MjRkOTQ4MjUxLzEvY3JCRUlGZExHemlXZ2tzMnNpNGRoY2hxcDZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi85NDVmMGUtMjY4ZS00OTQ3LWFiYjMtYTk0MjRkOTQ4MjUx
LzEvOUVWX3ZoRHJLdWJnLU54LXBpMXc4ekZzTmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc2/MA0G
CSqGSIb3DQEBCwUAA4IBAQCNCZoJKUNfVKhGsPJUGZkI68X4lDIq0IWWUnWSXM9R
hGTq7lKwDnd0TuJF1HtB9p6tjNCKY+TzGl/s/xGrTBDYHMTLw4hV2u/gYUdWTVy7
TdojaHswAnvkCui2xC7TNcX4e14lEK4EJ8L5QwXbwRSKj5aX3dfbeSANVRGRkhLH
62YaZmY70/BocsJ/fOj/nlPTh7mg/gy6A5TfCmB25pxRBBSn7xNujhwXNdFymKph
hAKz+kEnO2fyM/IcMjdnoK2DLFKAmag/+ewrgTvgJO43d94rT5qyt9Z8fzKWeYth
VSug+mXpHPtFm+6I8r4MMAP8TuqlOHSLHaWmYLNfAI2x
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:34:51 2024 by rpki-client on console.sobornost.net